Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/4656f7-0054-48d4-961a-6dbdec51168d/1/4mt3By-3eHKHR3dA_hDk7ez7HE0.roa
File: 4mt3By-3eHKHR3dA_hDk7ez7HE0.roa (raw, json)
Hash identifier: 3ZrxYSjPBqaMfMTlbppW2gq1SiQ9KIz8pJDt6rZXs4g=
Subject key identifier: E2:6B:77:07:2F:B7:78:72:87:47:77:40:FE:10:E4:ED:EC:FB:1C:4D
Certificate issuer: /CN=a1d9b35bc3e9f2493c64d06f5b2d4a99c5f251e9
Certificate serial: 018CC2DAFF05E5B8F4D995D8443DF3834998
Authority key identifier: A1:D9:B3:5B:C3:E9:F2:49:3C:64:D0:6F:5B:2D:4A:99:C5:F2:51:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/odmzW8Pp8kk8ZNBvWy1KmcXyUek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/4656f7-0054-48d4-961a-6dbdec51168d/1/4mt3By-3eHKHR3dA_hDk7ez7HE0.roa
Signing time: Mon 01 Jan 2024 02:29:41 +0000
ROA not before: Mon 01 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39934
IP address blocks: 185.224.4.0/24 maxlen: 24
185.224.5.0/24 maxlen: 24
185.224.7.0/24 maxlen: 24
185.224.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/4656f7-0054-48d4-961a-6dbdec51168d/1/odmzW8Pp8kk8ZNBvWy1KmcXyUek.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/4656f7-0054-48d4-961a-6dbdec51168d/1/odmzW8Pp8kk8ZNBvWy1KmcXyUek.mft
rsync://rpki.ripe.net/repository/DEFAULT/odmzW8Pp8kk8ZNBvWy1KmcXyUek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ff:05:e5:b8:f4:d9:95:d8:44:3d:f3:83:49:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1d9b35bc3e9f2493c64d06f5b2d4a99c5f251e9
Validity
Not Before: Jan 1 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e26b77072fb7787287477740fe10e4edecfb1c4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:52:60:12:db:16:c7:61:94:01:eb:1a:d1:33:
08:68:95:58:9c:d3:2b:ff:25:3d:5a:46:82:0a:28:
6c:5f:01:e4:ef:81:1f:97:5c:f3:bc:14:8a:fa:f6:
da:d0:da:75:e8:68:c9:50:d4:13:a2:85:d1:19:41:
6c:fd:50:3d:97:8c:ca:11:ed:fe:5d:39:25:01:1b:
fe:43:2d:34:af:c6:fc:dc:ed:f6:d2:32:ef:5b:6a:
d1:a1:03:0c:65:21:1f:e3:43:c2:f5:33:c4:49:42:
36:fb:69:f9:f0:61:7e:bb:e0:b4:35:d4:ff:17:14:
23:00:b2:fd:dd:45:28:b3:3b:55:03:6f:32:2b:d4:
6e:0f:d5:36:96:8e:49:8c:ac:fa:f3:dd:6f:80:b1:
ee:63:ed:af:a2:4c:39:3b:c0:db:f8:62:ce:4c:d6:
2f:6b:2f:be:f9:d7:db:3d:be:33:4f:3c:ca:67:41:
e9:15:39:21:f8:51:d5:20:8d:6e:ab:59:04:67:0e:
ab:6a:03:e5:41:d5:df:9c:21:50:fd:3e:f6:e9:8d:
55:b4:da:ca:7c:06:58:31:cc:fa:56:40:41:bd:b1:
03:94:bc:3e:c7:25:15:72:d2:f2:9a:50:da:1d:43:
e1:ea:e4:5d:fa:56:f4:5f:3b:78:8b:33:d9:29:2b:
bc:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:6B:77:07:2F:B7:78:72:87:47:77:40:FE:10:E4:ED:EC:FB:1C:4D
X509v3 Authority Key Identifier:
keyid:A1:D9:B3:5B:C3:E9:F2:49:3C:64:D0:6F:5B:2D:4A:99:C5:F2:51:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/odmzW8Pp8kk8ZNBvWy1KmcXyUek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/4656f7-0054-48d4-961a-6dbdec51168d/1/4mt3By-3eHKHR3dA_hDk7ez7HE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/4656f7-0054-48d4-961a-6dbdec51168d/1/odmzW8Pp8kk8ZNBvWy1KmcXyUek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.4.0/22
Signature Algorithm: sha256WithRSAEncryption
26:9c:b2:d7:38:b1:91:66:b3:b0:71:e3:0a:ad:65:1d:01:1e:
20:af:70:43:72:85:85:39:bb:b9:88:d2:13:54:3b:a8:e7:b1:
43:19:79:4e:10:24:30:a5:bc:48:f0:3d:78:a4:73:44:0e:46:
5f:49:33:d9:b8:61:ed:20:b9:98:8b:77:ea:dc:c4:aa:9d:2e:
e4:63:f1:cf:a8:9c:f2:46:75:7f:93:dc:8a:e9:9f:f3:7d:8a:
e9:3c:43:99:03:f0:d5:5d:26:78:4c:13:6f:8b:4e:e3:78:33:
56:86:85:63:df:41:e8:8c:99:3d:cd:3d:1b:ac:a8:82:22:17:
ee:f7:20:d3:ba:7a:1e:66:6c:92:19:0a:3f:c8:9c:be:d2:dd:
b3:79:77:9e:16:a3:04:05:82:a9:8d:ec:ce:19:6a:16:1d:8c:
24:dd:c9:3d:bf:65:0a:b9:62:86:29:44:60:bf:a0:45:44:6a:
9b:bc:df:21:c7:33:d3:f6:98:99:78:07:f8:b7:f4:57:7c:e0:
65:be:49:93:c9:73:00:82:b0:32:37:b5:01:50:d7:8f:4d:5f:
c5:0a:84:6c:91:79:e6:cf:a2:ed:f9:66:32:1a:ee:1f:40:9e:
84:e4:45:f3:06:56:01:95:6d:c9:e3:ec:64:40:7b:00:d2:00:
33:63:91:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2v8F5bj02ZXYRD3zg0mYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZDliMzViYzNlOWYyNDkzYzY0ZDA2ZjViMmQ0YTk5YzVm
MjUxZTkwHhcNMjQwMTAxMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjZiNzcwNzJmYjc3ODcyODc0Nzc3NDBmZTEwZTRlZGVjZmIxYzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1JgEtsWx2GUAesa0TMIaJVYnNMr
/yU9WkaCCihsXwHk74Efl1zzvBSK+vba0Np16GjJUNQTooXRGUFs/VA9l4zKEe3+
XTklARv+Qy00r8b83O320jLvW2rRoQMMZSEf40PC9TPESUI2+2n58GF+u+C0NdT/
FxQjALL93UUosztVA28yK9RuD9U2lo5JjKz6891vgLHuY+2vokw5O8Db+GLOTNYv
ay+++dfbPb4zTzzKZ0HpFTkh+FHVII1uq1kEZw6ragPlQdXfnCFQ/T726Y1VtNrK
fAZYMcz6VkBBvbEDlLw+xyUVctLymlDaHUPh6uRd+lb0Xzt4izPZKSu8ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOJrdwcvt3hyh0d3QP4Q5O3s+xxNMB8GA1UdIwQY
MBaAFKHZs1vD6fJJPGTQb1stSpnF8lHpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2Rtelc4UHA4a2s4Wk5Cdld5MUttY1h5VWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80NjU2ZjctMDA1NC00OGQ0LTk2MWEt
NmRiZGVjNTExNjhkLzEvNG10M0J5LTNlSEtIUjNkQV9oRGs3ZXo3SEUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80NjU2ZjctMDA1NC00OGQ0LTk2MWEtNmRiZGVjNTExNjhk
LzEvb2Rtelc4UHA4a2s4Wk5Cdld5MUttY1h5VWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueAEMA0G
CSqGSIb3DQEBCwUAA4IBAQAmnLLXOLGRZrOwceMKrWUdAR4gr3BDcoWFObu5iNIT
VDuo57FDGXlOECQwpbxI8D14pHNEDkZfSTPZuGHtILmYi3fq3MSqnS7kY/HPqJzy
RnV/k9yK6Z/zfYrpPEOZA/DVXSZ4TBNvi07jeDNWhoVj30HojJk9zT0brKiCIhfu
9yDTunoeZmySGQo/yJy+0t2zeXeeFqMEBYKpjezOGWoWHYwk3ck9v2UKuWKGKURg
v6BFRGqbvN8hxzPT9piZeAf4t/RXfOBlvkmTyXMAgrAyN7UBUNePTV/FCoRskXnm
z6Lt+WYyGu4fQJ6E5EXzBlYBlW3J4+xkQHsA0gAzY5Gx
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:15:36 2024 by rpki-client on console-ams.rpki-client.org